server {
    listen       443 ssl;
    server_name  0.0.0.0;

    ssl_certificate  /etc/ssl.crt;
    ssl_certificate_key  /etc/ssl.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv2 SSLv3;     #指定SSL服务器端支持的协议版本
    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;    #指定加密算法
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout  10m;

    # Load configuration files for the default server block.
    # include /etc/nginx/default.d/*.conf;

    # access_log /var/log/nginx/nginx_access.log;
    # error_log /var/log/nginx/nginx_error.log;

    client_max_body_size 256M;

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto https;
        proxy_redirect off;
        proxy_connect_timeout      240;
        proxy_send_timeout         240;
        proxy_read_timeout         240;

        proxy_pass http://{{ proxy_host | default('127.0.0.1') }}:{{ proxy_port | default('8082') }};
    }
}